org.jsslutils.sslcontext.test
Class MiniSslClientServer

java.lang.Object
  extended by org.jsslutils.sslcontext.test.MiniSslClientServer

public abstract class MiniSslClientServer
extends Object

This class contains both a client and a server that can be used to build small tests for the SSLContextFactory. These examples come with a demo CA (a few certificates and keys). These are not to be used in real-life applications. DO NOT add them to the set of trusted certificates in your web browser or similar application.

Author:
Bruno Harbulot.

Nested Class Summary
protected static class MiniSslClientServer.RequestHandler
          Small class that handles a server request.
 
Field Summary
static String CERTIFICATES_DIRECTORY
           
static String KEYSTORE_PASSWORD
           
protected  Exception listeningServerException
           
protected  LinkedBlockingQueue<Future<Object>> serverRequestsFutures
           
protected  int serverTimeout
           
protected  boolean stopServer
           
protected  int testPort
           
protected  boolean verboseExceptions
           
 
Constructor Summary
MiniSslClientServer()
           
 
Method Summary
 KeyStore getBadClientCertKeyStore()
          Returns the keystore containing a test key and certificate that is not to be trusted by the server when CRLs are enabled.
 KeyStore getCaKeyStore()
          Returns the store of CA certificates, to be used as a trust store.
protected  String getCertificatesDirectory()
           
 KeyStore getGoodClientCertKeyStore()
          Returns the keystore containing a test key and certificate that is to be trusted by the server.
 Collection<X509CRL> getLocalCRLs()
          Returns a collection of CRLs to be used by the tests.
 KeyStore getServerCertKeyStore()
          Returns the keystore containing the key and the certificate to be used by the server.
protected  Exception makeClientRequest(SSLContext sslClientContext)
           
protected  SSLServerSocket prepareServerSocket(SSLContext sslServerContext)
          Creates and binds the SSLServerSocket to a port after trying a few port numbers.
protected  Throwable printSslException(String prefix, SSLException sslException, SSLSocket socket)
          Used for printing out more info when there's a problem.
protected  void printSslSocketInfo(SSLSocket socket)
          Used for printing out more info when there's a problem.
protected  Thread runServer(SSLServerSocket serverSocket)
          Starts the mini server.
 boolean runTest(SSLContext sslClientContext, SSLContext sslServerContext)
          This runs the main test: it runs a client and a server.
protected  void setServerRequestNumber(int serverRequestNumber)
          Sets the number of requests the mini server is supposed to accept.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

CERTIFICATES_DIRECTORY

public static final String CERTIFICATES_DIRECTORY
See Also:
Constant Field Values

KEYSTORE_PASSWORD

public static final String KEYSTORE_PASSWORD
See Also:
Constant Field Values

stopServer

protected volatile boolean stopServer

verboseExceptions

protected boolean verboseExceptions

serverTimeout

protected volatile int serverTimeout

testPort

protected int testPort

serverRequestsFutures

protected final LinkedBlockingQueue<Future<Object>> serverRequestsFutures

listeningServerException

protected volatile Exception listeningServerException

Constructor Detail

MiniSslClientServer

public MiniSslClientServer()

Method Detail

getCertificatesDirectory

protected String getCertificatesDirectory()

getCaKeyStore

public KeyStore getCaKeyStore()
                       throws IOException,
                              NoSuchAlgorithmException,
                              KeyStoreException,
                              CertificateException
Returns the store of CA certificates, to be used as a trust store. The default value is to load 'dummy.jks', part of this test suite.

Returns:
KeyStore containing the certificates to trust.
Throws:
IOException
NoSuchAlgorithmException
KeyStoreException
CertificateException

getServerCertKeyStore

public KeyStore getServerCertKeyStore()
                               throws IOException,
                                      NoSuchAlgorithmException,
                                      KeyStoreException,
                                      CertificateException
Returns the keystore containing the key and the certificate to be used by the server.

Returns:
KeyStore containing the server credentials.
Throws:
IOException
NoSuchAlgorithmException
KeyStoreException
CertificateException

getGoodClientCertKeyStore

public KeyStore getGoodClientCertKeyStore()
                                   throws IOException,
                                          NoSuchAlgorithmException,
                                          KeyStoreException,
                                          CertificateException
Returns the keystore containing a test key and certificate that is to be trusted by the server. This is the "good" keystore in that its certificate has not been revoked by the demo CA. This should work whether or not CRLs are used.

Returns:
KeyStore containing the "good" client credentials.
Throws:
IOException
NoSuchAlgorithmException
KeyStoreException
CertificateException

getBadClientCertKeyStore

public KeyStore getBadClientCertKeyStore()
                                  throws IOException,
                                         NoSuchAlgorithmException,
                                         KeyStoreException,
                                         CertificateException
Returns the keystore containing a test key and certificate that is not to be trusted by the server when CRLs are enabled. This is the "bad" keystore in that its certificate has been revoked by the demo CA. This should work when CRL checks are disabled, but fail when they are used.

Returns:
KeyStore containing the "bad" client credentials.
Throws:
IOException
NoSuchAlgorithmException
KeyStoreException
CertificateException

getLocalCRLs

public Collection<X509CRL> getLocalCRLs()
                                 throws IOException,
                                        NoSuchAlgorithmException,
                                        KeyStoreException,
                                        CertificateException,
                                        CRLException
Returns a collection of CRLs to be used by the tests. This is loaded from 'newca.crl'.

Returns:
CRLs
Throws:
IOException
NoSuchAlgorithmException
KeyStoreException
CertificateException
CRLException

setServerRequestNumber

protected void setServerRequestNumber(int serverRequestNumber)
Sets the number of requests the mini server is supposed to accept. This defaults to 1, with a 4-second timeout.

Parameters:
serverRequestNumber -

prepareServerSocket

protected SSLServerSocket prepareServerSocket(SSLContext sslServerContext)
Creates and binds the SSLServerSocket to a port after trying a few port numbers.

Parameters:
sslServerContext - SSLContext from which to build the socket and its SSLSocketFactory.
Returns:
Bound SSLServerSocket.

runServer

protected Thread runServer(SSLServerSocket serverSocket)
Starts the mini server.

Parameters:
serverSocket - bound SSLServerSocket for this server.

runTest

public boolean runTest(SSLContext sslClientContext,
                       SSLContext sslServerContext)
                throws IOException,
                       InterruptedException
This runs the main test: it runs a client and a server.

Parameters:
sslClientContext - SSLContext to be used by the client.
sslServerContext - SSLContext to be used by the server.
Returns:
true if the server accepted the SSL certificate.
Throws:
SSLContextFactoryException
IOException
InterruptedException
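
Added example (not part of the jsslutils test suite): a subclass that drives runTest with the "good" and "bad" client keystores, building the SSLContexts from plain JDK PKIX classes so that only the server's CRL checking varies. The class name CrlRevocationExample is hypothetical, and the code assumes that the private keys share KEYSTORE_PASSWORD, that the mini server requests a client certificate, and that the demo CA files are on the classpath. According to the descriptions of getGoodClientCertKeyStore and getBadClientCertKeyStore, the first two runs should be accepted and the third rejected.

```java
import java.security.KeyStore;
import java.security.cert.CertStore;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509CertSelector;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.jsslutils.sslcontext.test.MiniSslClientServer;

// Hypothetical subclass (name chosen for this example).
public class CrlRevocationExample extends MiniSslClientServer {

    // Builds an SSLContext with plain JDK APIs; checkCrls toggles PKIX revocation checking.
    SSLContext context(KeyStore keys, boolean checkCrls) throws Exception {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        // Assumption: the private keys use the same password as the keystores.
        kmf.init(keys, KEYSTORE_PASSWORD.toCharArray());

        PKIXBuilderParameters pkix = new PKIXBuilderParameters(getCaKeyStore(), new X509CertSelector());
        pkix.setRevocationEnabled(checkCrls);
        if (checkCrls) {
            // Offer the demo CA's CRLs to the certification path validator.
            pkix.addCertStore(CertStore.getInstance("Collection",
                    new CollectionCertStoreParameters(getLocalCRLs())));
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
        tmf.init(new CertPathTrustManagerParameters(pkix));

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }

    // One client/server exchange; only the server checks revocation.
    boolean handshake(KeyStore clientKeys, boolean serverChecksCrls) throws Exception {
        return runTest(context(clientKeys, false), context(getServerCertKeyStore(), serverChecksCrls));
    }

    public static void main(String[] args) throws Exception {
        // A fresh instance per run, since reuse of one instance is not documented.
        CrlRevocationExample a = new CrlRevocationExample();
        System.out.println("good client, CRLs on:  " + a.handshake(a.getGoodClientCertKeyStore(), true));
        CrlRevocationExample b = new CrlRevocationExample();
        System.out.println("bad client,  CRLs off: " + b.handshake(b.getBadClientCertKeyStore(), false));
        CrlRevocationExample c = new CrlRevocationExample();
        System.out.println("bad client,  CRLs on:  " + c.handshake(c.getBadClientCertKeyStore(), true));
    }
}
```

PKIX path validation also enforces certificate validity periods, so expired demo certificates would cause rejections that are unrelated to revocation.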

makeClientRequest

protected Exception makeClientRequest(SSLContext sslClientContext)
                               throws IOException
Parameters:
sslClientContext -
Throws:
IOException

printSslException

protected Throwable printSslException(String prefix,
                                      SSLException sslException,
                                      SSLSocket socket)
Used for printing out more info when there's a problem.

Parameters:
prefix -
sslException -
socket -
Returns:

printSslSocketInfo

protected void printSslSocketInfo(SSLSocket socket)
Used for printing out more info when there's a problem.

Parameters:
socket -


Copyright © 2012. All Rights Reserved.